QwikSec

Security Database

CVE

CWE

Training

CVE-2015-0800

Published: Apr 1, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android does not properly generate random numbers for query ID values and UDP source ports, which makes it easier for remote attackers to spoof DNS responses by guessing these numbers, a related issue to CVE-2012-2808.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_SECTRACK

http://www.mozilla.org/security/announce/2015/mfsa2015-41.html

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

x_refsource_CONFIRM

https://bugzilla.mozilla.org/show_bug.cgi?id=1110212

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.